feat: remove test_unsafe
This commit is contained in:
parent
abb3eab559
commit
d2839286ce
7 changed files with 8 additions and 29 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
|
@ -11,3 +11,4 @@ argon2id_elixir-*.tar
|
|||
.DS_Store
|
||||
/.elixir_ls/
|
||||
*.xml
|
||||
native/argon2/target/
|
||||
|
|
|
|||
10
README.md
10
README.md
|
|
@ -6,7 +6,7 @@ Fast and secure Argon2 password hashing library for Elixir.
|
|||
|
||||
- Uses the pure Rust implementation of Argon2
|
||||
- Only Argon2i implementation (version 0x13) at the moment
|
||||
- Built-in security presets (OWASP, Strong, Test/Unsafe)
|
||||
- Built-in security presets (OWASP, Strong)
|
||||
|
||||
## Installation
|
||||
|
||||
|
|
@ -56,9 +56,6 @@ hash = Argon2.hash_password("secure_password123")
|
|||
|
||||
# Strong - Higher security for sensitive applications
|
||||
hash = Argon2.hash_password("secure_password123", "strong")
|
||||
|
||||
# Test - Fast but unsafe, only for testing purposes
|
||||
hash = Argon2.hash_password("secure_password123", "test_unsafe")
|
||||
```
|
||||
|
||||
Preset specifications:
|
||||
|
|
@ -86,11 +83,6 @@ STRONG:
|
|||
Hash time: 145ms
|
||||
Verify time: 139ms
|
||||
Memory: 65MB
|
||||
|
||||
TEST_UNSAFE:
|
||||
Hash time: 1ms
|
||||
Verify time: 1ms
|
||||
Memory: 1MB
|
||||
```
|
||||
|
||||
## Development
|
||||
|
|
|
|||
|
|
@ -1,15 +1,13 @@
|
|||
defmodule Argon2 do
|
||||
@moduledoc """
|
||||
Argon2 password hashing for Elixir using Rust NIFs.
|
||||
Argon2 password hashing using Rust.
|
||||
|
||||
This module provides a secure way to hash passwords using the Argon2i algorithm
|
||||
with configuration presets following security best practices.
|
||||
This module provides a secure way to hash passwords using the Argon2i algorithm.
|
||||
|
||||
## Security Presets
|
||||
|
||||
* `:owasp` (default) - OWASP recommended settings (m=19456, t=2, p=1)
|
||||
* `:strong` - Higher security settings (m=65540, t=3, p=4)
|
||||
* `:test_unsafe` - Fast settings for testing only (m=1024, t=1, p=1)
|
||||
|
||||
## Examples
|
||||
|
||||
|
|
@ -34,7 +32,6 @@ defmodule Argon2 do
|
|||
|
||||
* Passwords must be at least 8 characters long
|
||||
* Each hash uses a unique random salt
|
||||
* The `:test_unsafe` preset should never be used in production
|
||||
"""
|
||||
|
||||
@type password :: String.t()
|
||||
|
|
@ -46,7 +43,7 @@ defmodule Argon2 do
|
|||
|
||||
## Options
|
||||
|
||||
* `config` - One of `"owasp"` (default), `"strong"`, or `"test_unsafe"`
|
||||
* `config` - One of `"owasp"` (default) or `"strong"`
|
||||
|
||||
## Examples
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ defmodule Argon2.Benchmark do
|
|||
"""
|
||||
|
||||
def run(rounds \\ 5) do
|
||||
configs = [nil, "strong", "test_unsafe"]
|
||||
configs = [nil, "strong"]
|
||||
password = "benchmark_password123"
|
||||
|
||||
IO.puts("Configuration Benchmarks (averaged over #{rounds} runs):\n")
|
||||
|
|
@ -37,7 +37,6 @@ defmodule Argon2.Benchmark do
|
|||
case config do
|
||||
"owasp" -> 19
|
||||
"strong" -> 65
|
||||
"test_unsafe" -> 1
|
||||
end
|
||||
|
||||
IO.puts("""
|
||||
|
|
|
|||
4
mix.exs
4
mix.exs
|
|
@ -6,7 +6,7 @@ defmodule Argon2.MixProject do
|
|||
def project do
|
||||
[
|
||||
app: :argon2id_elixir,
|
||||
version: "1.0.0",
|
||||
version: "1.1.0",
|
||||
elixir: "~> 1.17",
|
||||
start_permanent: Mix.env() == :prod,
|
||||
deps: deps(),
|
||||
|
|
@ -113,7 +113,7 @@ defmodule Argon2.MixProject do
|
|||
[
|
||||
main: "Argon2",
|
||||
source_url: @source_url,
|
||||
extras: ["README.md"],
|
||||
extras: ["README.md", "LICENSE-APACHE", "LICENSE-MIT"],
|
||||
groups_for_modules: [
|
||||
Core: [
|
||||
Argon2,
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@ const MIN_PASSWORD_LENGTH: usize = 8;
|
|||
enum ConfigType {
|
||||
Owasp,
|
||||
Strong,
|
||||
TestUnsafe,
|
||||
}
|
||||
|
||||
impl ConfigType {
|
||||
|
|
@ -21,7 +20,6 @@ impl ConfigType {
|
|||
match self {
|
||||
ConfigType::Owasp => Params::new(19456, 2, 1, None).expect("Invalid OWASP config"),
|
||||
ConfigType::Strong => Params::new(65540, 3, 4, None).expect("Invalid strong config"),
|
||||
ConfigType::TestUnsafe => Params::new(1024, 1, 1, None).expect("Invalid test config"),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -39,7 +37,6 @@ fn hash_password(password: String, config_type: Option<String>) -> Result<String
|
|||
|
||||
let config_type = match config_type.as_deref() {
|
||||
Some("strong") => ConfigType::Strong,
|
||||
Some("test_unsafe") => ConfigType::TestUnsafe,
|
||||
_ => ConfigType::Owasp,
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -16,13 +16,6 @@ defmodule Argon2Test do
|
|||
assert String.starts_with?(hash, "$argon2i$v=19$m=65540,t=3,p=4$")
|
||||
end
|
||||
|
||||
test "hashes a password with test/development config" do
|
||||
config = "test_unsafe"
|
||||
hash = Argon2.hash_password("password123", config)
|
||||
assert is_binary(hash)
|
||||
assert String.starts_with?(hash, "$argon2i$v=19$m=1024,t=1,p=1")
|
||||
end
|
||||
|
||||
test "generates different hashes for the same password" do
|
||||
hash1 = Argon2.hash_password("same_password123")
|
||||
hash2 = Argon2.hash_password("same_password123")
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue